From 6132a094fb93328f975a1cbfde45fff8869beecd Mon Sep 17 00:00:00 2001 From: gitadvisor Date: Sat, 18 Jan 2025 16:21:23 +0000 Subject: [PATCH] generated content from 2025-01-18 --- mapping.csv | 6 +++++ ...-034bff74-aebd-4b12-8ddc-cca5083ae3e4.json | 22 +++++++++++++++++++ ...-14e4a3a0-5e7c-4632-8736-d3d6c66cf3f5.json | 22 +++++++++++++++++++ ...-15e43ab0-bba6-4963-93ad-b5afe9f5f12d.json | 22 +++++++++++++++++++ ...-c32c9589-b8be-4a1e-bf8c-c72aad3ae352.json | 22 +++++++++++++++++++ ...-caeb5cc9-784b-48f5-86f9-1dce345260e7.json | 22 +++++++++++++++++++ ...-e6e66a44-8bca-4703-961b-51344909e493.json | 22 +++++++++++++++++++ 7 files changed, 138 insertions(+) create mode 100644 objects/vulnerability/vulnerability--034bff74-aebd-4b12-8ddc-cca5083ae3e4.json create mode 100644 objects/vulnerability/vulnerability--14e4a3a0-5e7c-4632-8736-d3d6c66cf3f5.json create mode 100644 objects/vulnerability/vulnerability--15e43ab0-bba6-4963-93ad-b5afe9f5f12d.json create mode 100644 objects/vulnerability/vulnerability--c32c9589-b8be-4a1e-bf8c-c72aad3ae352.json create mode 100644 objects/vulnerability/vulnerability--caeb5cc9-784b-48f5-86f9-1dce345260e7.json create mode 100644 objects/vulnerability/vulnerability--e6e66a44-8bca-4703-961b-51344909e493.json diff --git a/mapping.csv b/mapping.csv index 9e659c3d96..c59ecea297 100644 --- a/mapping.csv +++ b/mapping.csv @@ -264267,3 +264267,9 @@ vulnerability,CVE-2024-13375,vulnerability--906e8bab-7a31-4488-97fe-04742f4d6fb1 vulnerability,CVE-2025-0557,vulnerability--b50e2a89-eefd-47b0-9d12-455312f5fbb4 vulnerability,CVE-2025-0558,vulnerability--1310e7d6-1c52-439a-8f9f-65767e4ddd7e vulnerability,CVE-2025-0559,vulnerability--9ca5459c-9b61-4909-acdb-93fc15f3f567 +vulnerability,CVE-2024-49354,vulnerability--caeb5cc9-784b-48f5-86f9-1dce345260e7 +vulnerability,CVE-2024-49824,vulnerability--c32c9589-b8be-4a1e-bf8c-c72aad3ae352 +vulnerability,CVE-2024-49338,vulnerability--14e4a3a0-5e7c-4632-8736-d3d6c66cf3f5 +vulnerability,CVE-2024-47113,vulnerability--e6e66a44-8bca-4703-961b-51344909e493 +vulnerability,CVE-2024-51448,vulnerability--15e43ab0-bba6-4963-93ad-b5afe9f5f12d +vulnerability,CVE-2025-0560,vulnerability--034bff74-aebd-4b12-8ddc-cca5083ae3e4 diff --git a/objects/vulnerability/vulnerability--034bff74-aebd-4b12-8ddc-cca5083ae3e4.json b/objects/vulnerability/vulnerability--034bff74-aebd-4b12-8ddc-cca5083ae3e4.json new file mode 100644 index 0000000000..e434edde3a --- /dev/null +++ b/objects/vulnerability/vulnerability--034bff74-aebd-4b12-8ddc-cca5083ae3e4.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--da5dde4c-1d73-48c8-87f8-9835ed4efe69", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--034bff74-aebd-4b12-8ddc-cca5083ae3e4", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-18T16:21:08.222849Z", + "modified": "2025-01-18T16:21:08.222849Z", + "name": "CVE-2025-0560", + "description": "A vulnerability, which was classified as problematic, was found in CampCodes School Management Software 1.0. Affected is an unknown function of the file /photo-gallery of the component Photo Gallery Page. The manipulation of the argument Description leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2025-0560" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--14e4a3a0-5e7c-4632-8736-d3d6c66cf3f5.json b/objects/vulnerability/vulnerability--14e4a3a0-5e7c-4632-8736-d3d6c66cf3f5.json new file mode 100644 index 0000000000..dbcb29dd78 --- /dev/null +++ b/objects/vulnerability/vulnerability--14e4a3a0-5e7c-4632-8736-d3d6c66cf3f5.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--c11390d4-1ec5-4c37-a4bf-d4806a658eff", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--14e4a3a0-5e7c-4632-8736-d3d6c66cf3f5", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-18T16:21:02.034685Z", + "modified": "2025-01-18T16:21:02.034685Z", + "name": "CVE-2024-49338", + "description": "IBM App Connect Enterprise 12.0.1.0 through 12.0.7.0and 13.0.1.0 under certain configurations could allow a privileged user to obtain JMS credentials.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-49338" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--15e43ab0-bba6-4963-93ad-b5afe9f5f12d.json b/objects/vulnerability/vulnerability--15e43ab0-bba6-4963-93ad-b5afe9f5f12d.json new file mode 100644 index 0000000000..948523c9df --- /dev/null +++ b/objects/vulnerability/vulnerability--15e43ab0-bba6-4963-93ad-b5afe9f5f12d.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--cd0baa1b-ffcb-49d3-844c-fa03eb125f60", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--15e43ab0-bba6-4963-93ad-b5afe9f5f12d", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-18T16:21:03.712944Z", + "modified": "2025-01-18T16:21:03.712944Z", + "name": "CVE-2024-51448", + "description": "IBM Robotic Process Automation 21.0.0 through 21.0.7.17 and 23.0.0 through 23.0.18 could allow a local user to escalate their privileges. All files in the install inherit the file permissions of the parent directory and therefore a non-privileged user can substitute any executable for the nssm.exe service. A subsequent service or server restart will then run that binary with administrator privilege.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-51448" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--c32c9589-b8be-4a1e-bf8c-c72aad3ae352.json b/objects/vulnerability/vulnerability--c32c9589-b8be-4a1e-bf8c-c72aad3ae352.json new file mode 100644 index 0000000000..d9986248fb --- /dev/null +++ b/objects/vulnerability/vulnerability--c32c9589-b8be-4a1e-bf8c-c72aad3ae352.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--4f9939c7-9d19-44dc-b8aa-5d9f9473312c", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--c32c9589-b8be-4a1e-bf8c-c72aad3ae352", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-18T16:21:02.027693Z", + "modified": "2025-01-18T16:21:02.027693Z", + "name": "CVE-2024-49824", + "description": "IBM Robotic Process Automation 21.0.0 through 21.0.7.18 and 23.0.0 through 23.0.18 and \n\nIBM Robotic Process Automation for Cloud Pak 21.0.0 through 21.0.7.18 and 23.0.0 through 23.0.18\n\ncould allow an authenticated user to perform unauthorized actions as a privileged user due to improper validation of client-side security enforcement.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-49824" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--caeb5cc9-784b-48f5-86f9-1dce345260e7.json b/objects/vulnerability/vulnerability--caeb5cc9-784b-48f5-86f9-1dce345260e7.json new file mode 100644 index 0000000000..7563ef0133 --- /dev/null +++ b/objects/vulnerability/vulnerability--caeb5cc9-784b-48f5-86f9-1dce345260e7.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--c1f18894-65b2-4a6f-bd6b-0b02b1735741", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--caeb5cc9-784b-48f5-86f9-1dce345260e7", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-18T16:21:02.001349Z", + "modified": "2025-01-18T16:21:02.001349Z", + "name": "CVE-2024-49354", + "description": "IBM Concert 1.0.0, 1.0.1, and 1.0.2 is vulnerable to sensitive information disclosure through specially crafted API Calls.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-49354" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--e6e66a44-8bca-4703-961b-51344909e493.json b/objects/vulnerability/vulnerability--e6e66a44-8bca-4703-961b-51344909e493.json new file mode 100644 index 0000000000..b2f38ac695 --- /dev/null +++ b/objects/vulnerability/vulnerability--e6e66a44-8bca-4703-961b-51344909e493.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--79e1cd4a-fe54-4914-a779-346af293a040", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--e6e66a44-8bca-4703-961b-51344909e493", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-18T16:21:03.287637Z", + "modified": "2025-01-18T16:21:03.287637Z", + "name": "CVE-2024-47113", + "description": "IBM ICP - Voice Gateway 1.0.2, 1.0.2.4, 1.0.3, 1.0.4, 1.0.5, 1.0.6. 1.0.7, 1.0.7.1, and 1.0.8 could allow remote attacker to send specially crafted XML statements, which would allow them to attacker to view or modify information in the XML document.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-47113" + } + ] + } + ] +} \ No newline at end of file